Use this URL to cite or link to this record in EThOS:
Title: Continuous authentication on mobile devices
Author: Smith-Creasey, Max
ISNI:       0000 0005 0285 6918
Awarding Body: City, University of London
Current Institution: City, University of London
Date of Award: 2020
Availability of Full Text:
Access from EThOS:
Full text unavailable from EThOS. Thesis embargoed until 30 Nov 2023
Access from Institution:
Mobile devices are one of the most popular technologies in the world. Sales have increased yearly and almost all households have at least one. They are used for personal and business use, storing a plethora of private data. The data stored on these devices could be used for malicious purposes if obtained by attackers. Recently, traditional authentication techniques have been shown to have flaws that enable attackers to bypass them. Furthermore, traditional techniques only authenticate once, which enables attackers to steal an unlocked device and still maintain the ability to access private data. Researchers have proposed continuous authentication techniques to mitigate these issues, but there is work required to make such approaches both secure and usable. Most schemes currently are limited in modalities and lack the flexibility that can enhance both security and usability. This thesis focuses on advancing continuous authentication on mobile devices through providing new and novel mechanisms. In order to achieve this, the thesis proposes four novel contributions described in the following. The first contribution is a continuous authentication scheme based on a modality with little existing research: gesture typing. A novel set of six feature groupings are constructed to contain different types of features and capture the nuances word-gestures. The result shows the proposed technique performs better than other touchscreen-based features. Within this contribution, the activity performed during the typing sessions are also considered. The second contribution provides a scheme for continuous face authentication, including modules that current schemes were found to lack: liveness detection, contextual awareness and face tracking. Results show that each of these modules can provide significant benefits to security and usability (e.g.: detection of illumination or activity context allows a template from the same context to be selected for enhanced accuracy). The third contribution is a multi-modal behavioural authentication scheme using passively collected sensor data to authenticate users. A set of novel techniques for modelling the uncertainty in the scores obtained from the sensors is produced. The scores and the uncertainty in them can then be fused, using Dempster-Shafer theory. This scheme is shown to provide better accuracy than other commonly used fusion approaches due to the use of uncertainty. The last contribution joins the concepts of the previous contributions and employs touchscreen and face biometrics in an ensemble learning scheme to combine and enhance the biometrics. Furthermore, an adaptive threshold mechanism is introduced to compare the combined touchscreen and face score against. The threshold is adapted based on the score of the passively collected biometrics from the previous contribution. This approach is shown to yield enhanced and adaptable security and usability.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID:  DOI: Not available
Keywords: QA75 Electronic computers. Computer science